Examples with ActionResponse org.forgerock.json.resource.ActionResponse used on opensource projects

Example 31 with ActionResponse

use of org.forgerock.json.resource.ActionResponse in project OpenAM by OpenRock.

the class IdentityResourceV1 method anonymousUpdate.

/**
     * Perform an anonymous update of a user's password using the provided token.
     *
     * The token must match a token placed in the CTS in order for the request
     * to proceed.
     *
     * @param context Non null
     * @param request Non null
     * @param realm Non null
     */
private Promise<ActionResponse, ResourceException> anonymousUpdate(final Context context, final ActionRequest request, final String realm) {
    final String tokenID;
    String confirmationId;
    String username;
    String nwpassword;
    final JsonValue jVal = request.getContent();
    try {
        tokenID = jVal.get(TOKEN_ID).asString();
        jVal.remove(TOKEN_ID);
        confirmationId = jVal.get(CONFIRMATION_ID).asString();
        jVal.remove(CONFIRMATION_ID);
        username = jVal.get(USERNAME).asString();
        nwpassword = jVal.get("userpassword").asString();
        if (username == null || username.isEmpty()) {
            throw new BadRequestException("username not provided");
        }
        if (nwpassword == null || username.isEmpty()) {
            throw new BadRequestException("new password not provided");
        }
        validateToken(tokenID, realm, username, confirmationId);
        // update Identity
        SSOToken admin = RestUtils.getToken();
        // Update instance with new password value
        return updateInstance(admin, jVal, realm).thenAsync(new AsyncFunction<ActionResponse, ActionResponse, ResourceException>() {

            @Override
            public Promise<ActionResponse, ResourceException> apply(ActionResponse response) {
                // Only remove the token if the update was successful, errors will be set in the handler.
                try {
                    // Even though the generated token will eventually timeout, delete it after a successful read
                    // so that the reset password request cannot be made again using the same token.
                    CTSHolder.getCTS().deleteAsync(tokenID);
                } catch (DeleteFailedException e) {
                    // reading and deleting, the token has expired.
                    if (debug.messageEnabled()) {
                        debug.message("Deleting token " + tokenID + " after a successful " + "read failed due to " + e.getMessage(), e);
                    }
                } catch (CoreTokenException cte) {
                    // For any unexpected CTS error
                    debug.error("Error performing anonymousUpdate", cte);
                    return new InternalServerErrorException(cte.getMessage(), cte).asPromise();
                }
                return newResultPromise(response);
            }
        });
    } catch (BadRequestException bre) {
        // For any malformed request.
        debug.warning("Bad request received for anonymousUpdate " + bre.getMessage());
        return bre.asPromise();
    } catch (ResourceException re) {
        debug.warning("Error performing anonymousUpdate", re);
        return re.asPromise();
    } catch (CoreTokenException cte) {
        // For any unexpected CTS error
        debug.error("Error performing anonymousUpdate", cte);
        return new InternalServerErrorException(cte).asPromise();
    }
}

Example 32 with ActionResponse

use of org.forgerock.json.resource.ActionResponse in project OpenAM by OpenRock.

the class PrivilegeAuthzModuleTest method crestActionEvaluateIsAllowed.

@Test
public void crestActionEvaluateIsAllowed() throws SSOException, DelegationException {
    // Given...
    final Set<String> actions = new HashSet<>(Arrays.asList("READ"));
    final DelegationPermission permission = new DelegationPermission("/abc", "rest", "1.0", "policies", "evaluate", actions, EXTENSIONS, DUMB_FUNC);
    given(factory.newInstance("/abc", "rest", "1.0", "policies", "evaluate", actions, EXTENSIONS)).willReturn(permission);
    given(subjectContext.getCallerSSOToken()).willReturn(token);
    given(evaluator.isAllowed(eq(token), eq(permission), eq(ENVIRONMENT))).willReturn(true);
    JsonValue jsonValue = json(object(field("someKey", "someValue")));
    Promise<ActionResponse, ResourceException> promise = Promises.newResultPromise(Responses.newActionResponse(jsonValue));
    given(provider.actionCollection(isA(Context.class), isA(ActionRequest.class))).willReturn(promise);
    // When...
    final FilterChain chain = AuthorizationFilters.createAuthorizationFilter(provider, module);
    final Router router = new Router();
    router.addRoute(RoutingMode.STARTS_WITH, Router.uriTemplate("/policies"), chain);
    final RealmContext context = new RealmContext(subjectContext);
    context.setSubRealm("abc", "abc");
    final ActionRequest request = Requests.newActionRequest("/policies", "evaluate");
    Promise<ActionResponse, ResourceException> result = router.handleAction(context, request);
    // Then...
    assertThat(result).succeeded().withContent().stringAt("someKey").isEqualTo("someValue");
}

Example 33 with ActionResponse

use of org.forgerock.json.resource.ActionResponse in project OpenAM by OpenRock.

the class PrivilegeAuthzModuleTest method crestActionBlowupIsAllowed.

@Test
public void crestActionBlowupIsAllowed() throws SSOException, DelegationException {
    // Given...
    final Set<String> actions = new HashSet<>(Arrays.asList("MODIFY"));
    final DelegationPermission permission = new DelegationPermission("/abc", "rest", "1.0", "policies", "destroy", actions, EXTENSIONS, DUMB_FUNC);
    given(factory.newInstance("/abc", "rest", "1.0", "policies", "destroy", actions, EXTENSIONS)).willReturn(permission);
    given(subjectContext.getCallerSSOToken()).willReturn(token);
    given(evaluator.isAllowed(eq(token), eq(permission), eq(ENVIRONMENT))).willReturn(true);
    JsonValue jsonValue = json(object(field("someKey", "someValue")));
    Promise<ActionResponse, ResourceException> promise = Promises.newResultPromise(Responses.newActionResponse(jsonValue));
    given(provider.actionCollection(isA(Context.class), isA(ActionRequest.class))).willReturn(promise);
    // When...
    final FilterChain chain = AuthorizationFilters.createAuthorizationFilter(provider, module);
    final Router router = new Router();
    router.addRoute(RoutingMode.STARTS_WITH, Router.uriTemplate("/policies"), chain);
    final RealmContext context = new RealmContext(subjectContext);
    context.setSubRealm("abc", "abc");
    final ActionRequest request = Requests.newActionRequest("/policies", "blowup");
    Promise<ActionResponse, ResourceException> result = router.handleAction(context, request);
    // Then...
    assertThat(result).succeeded().withContent().stringAt("someKey").isEqualTo("someValue");
}

Example 34 with ActionResponse

use of org.forgerock.json.resource.ActionResponse in project OpenAM by OpenRock.

the class AuditFilterTest method shouldReturnNullForActionSuccess.

@Test
public void shouldReturnNullForActionSuccess() {
    ActionRequest actionRequest = mock(ActionRequest.class);
    ActionResponse actionResponse = mock(ActionResponse.class);
    JsonValue filterResponse = auditFilter.getActionSuccessDetail(actionRequest, actionResponse);
    assertThat(filterResponse).isEqualTo(null);
}

Example 35 with ActionResponse

use of org.forgerock.json.resource.ActionResponse in project OpenAM by OpenRock.

the class PoliciesAuditFilterTest method shouldReturnJsonDetailForActionSuccess.

@Test
public void shouldReturnJsonDetailForActionSuccess() {
    JsonValue jsonValue = new JsonValue("Test string");
    ActionResponse actionResponse = Responses.newActionResponse(jsonValue);
    ActionRequest actionRequest = mock(ActionRequest.class);
    JsonValue filterResponse = auditFilter.getActionSuccessDetail(actionRequest, actionResponse);
    assertThat(filterResponse).isEqualTo(jsonValue);
}